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1 . Claims 1 -33 are pending. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 1-33 are rejected under 35 U.S.C. § 102(e) as being anticipated by Grantges, Jr. 
et a! [Grantges 6,510,464 B1]. 

2. As per claim 1 , Grantges discloses a method of controlling at a gateway 
computing device access of a client machine to a desired resource hosted on a 
destination server, the desired resource being of at least one material type selected 
from the group including audible materials, readable materials and viewable materials 
[Grantges, a gateway proxy server and web server, Fig 1 . It was obvious the Web 
server provides video/audio/text services], 

(a) at the gateway computing device receiving handshaking packets from the 
client machine intended to begin a session with the destination server [Grantges, 
handshaking, col 6 lines 37-67]; 

(b) redirecting network communications, including the steps of: 

redirecting the handshaking packets by rewriting the destination address 
in the handshaking packets IP headers to route the packets to an access 
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controlling web server that is remote from the client, the gateway, and the 
destination server [Grantges, handshaking, col 6 lines 37-67]; 

receiving a content request packet from the client machine at the gateway 
destined for the destination server intended to retrieve the desired resource from 
the destination server [Grantges, the destination servers, col 7 lines 1-8]; 

at the gateway redirecting the content request packet by rewriting the 
destination address in the packet IP header to route the packet to the access 
control web server [Grantges, a gateway proxy server and web server, Fig 1. It 
was obvious the proxy means redirect the IP address of header to route the 
packet to access control server or authorization server]; 

(c) receiving a response at the gateway from the access controlling web server 
[Grange, Fig 1]; and 

(d) at the gateway, controlling access of the client machine to the desired 
resource based on the response from the access controlling web server, including 
refusing the client machine access to the desired resource if the response from the 
access controlling web server indicates that the client should not have access to the 
desired resource and granting the client machine access to the desired resource if the 
response from the access controlling web server indicates that the client should have 
access to the desired resource [Grantges, gateway 38 and authorization server 46, Fig 
1]. 

3. Claims 17 and 33 contain the similar limitations set forth of method claim 1. 
Therefore, claims 17,33 are rejected for the similar rationale set forth in claimi . 
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4. As per claims 2,18 Grantges discloses establishing a connection between the 
client machine and the destination server if the response indicates that access to the 
desired resource is allowable [Grantges, the authorization server 46, Fig 1]. 

5. As per claims 3,19 Grantges discloses the content request packet comprises a 
GET URL packet [Grantges URL, col 8 lines 15-28, col 10 lines 33-54]. 

6. As per claims 4,20 Grantges discloses the response indicates that access to the 
desired resource is allowable if the access controlling web server does not recognize 
the URL of the GET URL packet as an inherent feature of authorization server, 

7. As per claims 5,21 Grantges discloses the step of refusing a connection to the 
destination server, and establishing instead a connection between the client machine 
and the access controlling web server if the response is that the access controlling web 
server recognizes the URL of the GET LTRL packet as an inherent feature of 
authorization server. 

8. As per claims 6,13,22,29 Grantges discloses resending the handshaking packets 
and GET URL packet to the destination server transparently with respect to the client 
machine [Grantges, col 12 lines 36-45], 
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9. As per claims 8,1 5,24,31 Grantges discloses the step of determining whether to 
redirect network communications based on the content of a handshaking packet as 
inherent feature of communication between gateway and authorization server. 

1 0. As per claims 9, 1 6,25,32 Grantges discloses the step of determining whether to 
redirect network communications comprises deciding to redirect network 
communications if the handshaking packet is a SYN packet directed to port 80 on the 
destination server as inherent feature of communication between gateway and 
authorization server. 

11. As per claims 10,26 Grantges discloses the response indicates that access to the 
desired resource is allowable if the access controlling web server recognizes the URL of 
the GET URL packet as inherent feature of communication between gateway and 
authorization server. 

1 2. As per claims 1 1 ,27 Grantges discloses the step of refusing a connection to the 
destination server, and establishing instead a connection between the client machine 
and the access controlling web server if the response indicates that the access 
controlling web server does not recognize the URL of the GET URL packet as inherent 
feature of authorization server process. 
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13. As per claims 12,28 Grantges discloses the access controlling web server is an 
RSACi Web Server as inherent feature of Web server. 

14. As per claims 7,14,23,30 Grantges discloses the invention as describe above 
except embedding an identity token readable by the access controlling web server in 
the GET URL packet, wherein the identity token uniquely identifies the client machine 
[Grantges, user ID information, col 11 lines 60-63]. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-33 are rejected under 35 U.S.C. § 103 as being unpatentable over Elgressy et 

al [Elgressy 6.336,140 B1] in view of Short et al [Short 6,636,894 B1]. 

1 5. As per claim 1 , Elgressy discloses a method of controlling at a gateway 
computing device access of a client machine to a desired resource hosted on a 
destination server, the desired resource being of at least one material type selected 
from the group including audible materials, readable materials and viewable materials 
[Elgressy, a client communicates to web server via gateway, abstract. It was obvious 
the internet provides video/ audio/text data], 
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(a) at the gateway computing device receiving handshaking packets from the 
client machine intended to begin a session with the destination server [Elgressy , 
handshaking, col 5 lines 21-33]; 

(c) receiving a response at the gateway from the access controlling web server 
[Elgressy, handshaking, col 5 lines 21-33]; and 

(d) at the gateway, controlling access of the client machine to the desired 
resource based on the response from the access controlling web server, including 
refusing the client machine access to the desired resource if the response from the 
access controlling web server indicates that the client should not have access to the 
desired resource and granting the client machine access to the desired resource if the 
response from the access controlling web server indicates that the client should have 
access to the desired resource [Elgressy, the gateway receives a signal from the 
checker indicating that the header is forbidden by security policy, col 5 line 50-col 6 line 
18] 

However Elgressy does not details (b) redirecting network communications, 
including the steps of: 

redirecting the handshaking packets by rewriting the destination address 
in the handshaking packets IP headers to route the packets to an access 
controlling web server that is remote from the client, the gateway, and the 
destination server; 
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receiving a content request packet from the client machine at the gateway 
destined for the destination server intended to retrieve the desired resource from 
the destination server; 

at the gateway redirecting the content request packet by rewriting the 
destination address in the packet IP header to route the packet to the access 
control web server; 

A skilled artisan would have motivation to improve the gateway services between 
clients/servers and found Short teaching. Short discloses a method for using an 
authorization server, which located within gateway, to redirect user request based on 
the user access right to the destination network [Short, abstract, col 5 lines 15-35,col 7 
line 54-col 8 line 42] 

Therefore, it would have been obvious to one having ordinary skill in the art at 
the time the invention was made to incorporate the technique of redirection the client 
request based on the user access right to the destination network as taught by Short 
into the Elgress/s apparatus in order to utilize the gateway on network. Doing so would 
enhance the security and provide a dynamic control access over the Internet. 

1 6. Claims 1 7 and 33 contain the similar limitations set forth of method claim 1 . 
Therefore, claims 1 7,33 are rejected for the similar rationale set forth in claimi . 
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17. As per claims 2,18 Elgressy-Short disclose establishing a connection between 
the client machine and the destination server if the response indicates that access to 
the desired resource is allowable as inherent feature of authorization server. 

18. As per claims 3,1 9 Elgressy-Short disclose the content request packet comprises 
a GET URL packet [Elgressy, GET_ command, col 5 lines 21-43]. 

19. As per claims 4,20 Elgressy-Short disclose the response indicates that access to 
the desired resource is allowable if the access controlling web server does not 
recognize the URL of the GET URL packet as inherent feature of authorization server. 

20. As per claims 5,21 Elgressy-Short disclose the step of refusing a connection to 
the destination server, and establishing instead a connection between the client 
machine and the access controlling web server if the response is that the access 
controlling web server recognizes the URL of the GET URL packet as inherent feature 
of authorization server. 

21. As per claims 6,13,22,29 Elgressy-Short disclose resending the handshaking 
packets and GET URL packet to the destination server transparently with respect to the 
client machine [Elgressy, handshaking, col 5 lines 21-33]. 
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22. As per claims 8,15,24,31 Elgressy-Short disclose the step of determining 
whether to redirect network communications based on the content of a handshaking 
packet as inherent feature of authorization server. 

23. As per claims 9,1 6,25,32 Elgressy-Short disclose the step of determining 
whether to redirect network communications comprises deciding to redirect network 
communications if the handshaking packet is a SYN packet directed to port 80 on the 
destination server as inherent feature of authorization server, 

24. As per claims 10,26 Elgressy-Short disclose the response indicates that access 
to the desired resource is allowable if the access controlling web server recognizes the 
URL of the GET URL packet as inherent feature of authorization server. 

25. As per claims 1 1 ,27 Elgressy-Short disclose the step of refusing a connection to 
the destination server, and establishing instead a connection between the client 
machine and the access controlling web server if the response indicates that the access 
controlling web server does not recognize the URL of the GET URL packet as inherent 
feature of authorization server. 

26. As per claims 12,28 Elgressy-Short disclose the access controlling web server is 
an RSACi Web Server as inherent feature of Web server. 
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27. As per claims 7,14,23,30 Elgressy-Short disclose the Invention as describe 
above except embedding an identity token readable by the access controlling web 
server in the GET URL packet, wherein the identity token uniquely identifies the client 
machine [Elgressy, checking a header to identify resources which permitted according 
to a security policy, col 8 lines 3-12], 



28. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to examiner Thong Vu, whose telephone number is (703)-305-4643. 
The examiner can normally be reached on Monday-Thursday from 8:00AM- 4:30PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jack Harvey, can be reached at (703) 305-9705. 

Any inquiry of a general nature or relating to the status of this application should be 
directed to the Group receptionist whose telephone number is (703) 305-9700. 

Any response to this action should be mailed to: Commissioner of Patent and 
Trademarks, Washington, D.C. 20231 or faxed to : 
After Final (703)746-7238 
Official: (703) 746-7239 
Non-Official (703)746-7240 
Hand-delivered responses should be brought to Crystal Park 1 1,2121 Crystal Drive, 
Arlington. VA., Sixth Floor (Receptionist). 



Thong Vu 
Patent Examiner 
Art Unit 2142 




